Set the Hostname

Before you begin installing and configuring the components described in this guide, please make sure you’ve followed our instructions for setting your hostname. Issue the following commands to make sure it is set properly:

hostname
hostname -f

The first command should show your short hostname, and the second should show your fully qualified domain name (FQDN).

Install the nginx Web Server

Issue the following commands to update your system, install nginx, set it to start on boot, and start it now.

yum update
yum install nginx
chkconfig nginx on
service nginx start

Configure nginx Virtual Hosting

Replace the contents of the file /etc/nginx/nginx.conf with the following contents.

Issue the following command to create directories for your nginx configuration files.

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled

Create the file /etc/nginx/sites-available/www.example.com, replacing “example.com” with your domain name. It should contain the following configuration directives; again, be sure to replace “example.com” with your domain name.

Create a PHP test page so you can verify that everything is working correctly.

/srv/www/www.example.com/public\\_html/test.php

1
2

<?phpphpinfo();?>

Important Security Considerations

If you’re planning to run applications that support file uploads (images, for example), the above configurations may expose you to a security risk by allowing arbitrary code execution. The short explanation for this behavior is that a properly crafted URI which ends in “.php”, in combination with a malicious image file that actually contains valid PHP, can result in the image being processed as PHP.

To mitigate this issue, you may wish to modify your configuration to include a try_files directive. Please note that this fix requires nginx and the php-fcgi workers to reside on the same server.

More Information

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.